<?php
include './include/common.inc.php';
include './include/role.class.php';
require '../include/form.class.php';

$role_db = new role();
$action = isset( $action ) ? $action : 'manage';
$forward = get_forward( 'role.php' );

$params = array();
array_push( $params, "status = 99" );
if( isset( $rolename ) && strlen( $rolename ) > 0 )
{
    array_push( $params, "rolename like '%$rolename%'" );
}
$order = " ORDER BY listorder DESC, inputtime DESC";

$STATUS_LIST = array( 99 => '终审通过', 1 => '待审', 0 => '删除' );

if( $current_user === false )
{
	if( isset( $edufepm ) && $edufepm == 'iframe' )
	{
		$response->alert( '请您登陆后再访问' );
		$response->redirect( $base_dir . 'admin/login.php' );
		$response->execute();
	}
	else
	{
		showmessage( '请您登陆后再访问', $base_dir . 'admin/login.php' );
	}
}

switch( $action )
{
    case 'add':
        $have_perm = check_perms( 'R002' );
        if( isset( $_POST['rolename'] ) )
		{
            if( $have_perm === false )
			{
				$response->alert( '您没有权限进行此操作！' );
				$response->execute();
			}
			if( empty( $rolename ) || strlen( $rolename ) > 100 )
			{
				$response->text_alert( 'error','rolename','角色名称不能为空且长度不能大于100个字符' );
			}
			$response->real_execute();
			$params = array(
				'rolename'	  =>  $rolename,
                'description' =>  $description,
                'elements'    =>  $elements,
                'status'      =>  99,
                'inputtime'   =>  date( "Y-m-d H:i:s" ),
			);
            $res = $role_db->add_role( $params );
			if( !empty($res) )
			{
				$response->alert( '添加成功' );
				$response->redirect( urldecode( $forward ) );
			}
			else
			{
				$response->alert( '添加失败' );
				$response->script( 'self.location = self.location' );
			}
			$response->execute();
		}
		else
		{
            if( $have_perm === false )
			{
				showmessage('您没有权限进行此操作！');
			}
			include template( 'admin', 'role_add' );
		}
        break;

    case 'upd':
        $have_perm = check_perms( 'R003' );
        if( isset( $_POST['rolename'] ) )
		{
            if( $have_perm === false )
			{
				$response->alert( '您没有权限进行此操作！' );
				$response->execute();
			}
			if( empty( $rolename ) || strlen( $rolename ) > 100 )
			{
				$response->text_alert( 'error','rolename','角色名称不能为空且长度不能大于100个字符' );
			}
			$response->real_execute();
			$params = array(
				'rolename'	  =>  $rolename,
                'description' =>  $description,
                'updatetime'  =>  date( "Y-m-d H:i:s" ),
			);
			$res = $role_db->edit_role( $params, $roleid );
			if( !empty($res) )
			{
				$response->alert( '修改成功' );
				$response->redirect( urldecode( $forward ) );
			}
			else
			{
				$response->alert( '修改失败' );
				$response->script( 'self.location = self.location' );
			}
			$response->execute();
		}
		else
		{
            if( $have_perm === false )
			{
				showmessage('您没有权限进行此操作！');
			}
			$info = $role_db->get_role( $roleid );
			if( !isset( $info['roleid'] ) )
			{
				showmessage( '要编辑的角色不存在' );
			}
			include template( 'admin', 'role_upd' );
		}
        break;

    case 'del':
        $have_perm = check_perms( 'R004' );
        if( $have_perm === false )
        {
            $response->alert( '您没有权限进行此操作！' );
            $response->execute();
        }
		$info = $role_db->get_role( $roleid );
		if( !isset( $info['roleid'] ) )
		{
			$response->alert( '要删除的角色不存在' );
			$response->execute();
		}
		$res = $role_db->del_role( $roleid );
		if( $res == false )
		{
			$response->alert( '删除失败' );
		}
		else
		{
			$response->alert( '删除成功' );
			$response->script( 'self.location=self.location' );
		}
		$response->execute();
        break;

    case 'del_all':
        $have_perm = check_perms( 'R004' );
        if( $have_perm === false )
        {
            $response->alert( '您没有权限进行此操作！' );
            $response->execute();
        }
        if( isset( $_POST['rid'] ) )
		{
			foreach ( $rid as $id )
			{
				$role_db->del_role( $id );
			}
			$response->alert( '删除成功！' );
			$response->script( 'self.location=self.location' );
			$response->execute();
		}
		else
		{
			$response->alert( '请选择要删除的角色' );
			$response->execute();
		}
        break;

    case 'listorder':
        $have_perm = check_perms( 'R005' );
        if( $have_perm === false )
        {
            $response->alert( '您没有权限进行此操作！' );
            $response->execute();
        }
        $result = $role_db->listorder( $listorder );
		if( $result )
		{
            $response->alert( '修改成功' );
            $response->redirect( urldecode( $forward ) );
		}
		else
		{
			$response->alert( '修改失败' );
		}
        $response->execute();
        break;

    case 'perm':
        $have_perm = check_perms( 'R006' );
        if( isset( $dosubmit ) == "dosubmit" )
        {
            if( $have_perm === false )
            {
                $response->alert( '您没有权限进行此操作！' );
                $response->execute();
            }
            if( empty( $perm ) || sizeof( $perm ) <= 0 )
			{
				$response->text_alert( 'error','perm','请至少选择一个权限元' );
                $response->real_execute();
			}
            $info = $role_db->get_role( $roleid );
            if( !isset( $info['roleid'] ) )
            {
                $response->alert( '要保存的角色不存在' );
                $response->execute();
            }
            $perm = implode( ",", $_POST['perm'] );
            $res = $role_db->perm_role( $perm, $roleid );
            if( $res == false )
            {
                $response->alert( '权限元设置失败' );
                $response->script( 'self.location=self.location' );
            }
            else
            {
                $response->alert( '权限元设置成功' );
                $response->redirect( urldecode( $forward ) );
            }
            $response->execute();
        }
        else
        {
            if( $have_perm === false )
			{
				showmessage('您没有权限进行此操作！');
			}
            if( !class_exists( 'perm' ) )
			{
				include '../admin/include/perm.class.php';
			}
			$perm = new perm();
			$permlist = $perm->get_all_perms();
			$info = $role_db->get_role( $roleid );
            $perm_check = explode( ",", $info['elements'] );
			if( !isset( $info['roleid'] ) )
			{
				showmessage( '要编辑的角色不存在' );
			}
			include template( 'admin', 'role_perm' );
        }
        break;

    case 'search':
        $url = 'role.php';
		$url .= isset( $rolename ) && !empty( $rolename ) ? '?rolename='.urlencode( $rolename ) : '';
		$response->redirect( $url );
		$response->execute();
        break;

    case 'manage':

    default:
        $have_perm = check_perms( 'R001' );
        if( $have_perm === false )
        {
            showmessage( '您没有权限进行此操作！' );
        }
        $page = isset( $page ) ? intval( $page ) : 1;
		$page = max( $page, 1 );
        $pagesize = 10;
		$role_list = $role_db->get_list( $params, $order, $page, $pagesize );
        $role_pages = $role_db->pages;
        $forward = make_forward();
		include template( 'admin', 'role_manage' );
        break;
}

?>
